sys, dll: Security

2025-04-22 08:23:05 -05:00 · 2016-02-17 12:39:53 -08:00 · 2016-02-17 12:39:53 -08:00 · e3ed7a9a2c
commit e3ed7a9a2c
parent 9514bcfd8c
7 changed files with 67 additions and 3 deletions
--- a/build/VStudio/winfsp_dll.vcxproj
+++ b/build/VStudio/winfsp_dll.vcxproj
@ -34,6 +34,7 @@
    <ClCompile Include="..\..\src\dll\dispatch.c" />
    <ClCompile Include="..\..\src\dll\ntstatus.c" />
    <ClCompile Include="..\..\src\dll\path.c" />
+    <ClCompile Include="..\..\src\dll\security.c" />
    <ClCompile Include="..\..\src\dll\volinfo.c" />
  </ItemGroup>
  <ItemGroup>
--- a/build/VStudio/winfsp_dll.vcxproj.filters
+++ b/build/VStudio/winfsp_dll.vcxproj.filters
@ -58,6 +58,9 @@
    <ClCompile Include="..\..\src\dll\dispatch.c">
      <Filter>Source</Filter>
    </ClCompile>
+    <ClCompile Include="..\..\src\dll\security.c">
+      <Filter>Source</Filter>
+    </ClCompile>
  </ItemGroup>
  <ItemGroup>
    <None Include="..\..\src\dll\ntstatus.i">
--- a/inc/winfsp/fsctl.h
+++ b/inc/winfsp/fsctl.h
@ -230,6 +230,17 @@ typedef struct
                } Label;
            } Info;
        } SetVolumeInformation;
+        struct
+        {
+            UINT64 UserContext;
+            UINT64 UserContext2;
+        } QuerySecurity;
+        struct
+        {
+            UINT64 UserContext;
+            UINT64 UserContext2;
+            FSP_FSCTL_TRANSACT_BUF SecurityDescriptor;
+        } SetSecurity;
    } Req;
    FSP_FSCTL_TRANSACT_BUF FileName;    /* {Create,Cleanup,SetInformation/{Disposition,Rename}} */
    FSP_FSCTL_DECLSPEC_ALIGN UINT8 Buffer[];
@ -283,6 +294,10 @@ typedef struct
        {
            FSP_FSCTL_VOLUME_INFO VolumeInfo;
        } SetVolumeInformation;
+        struct
+        {
+            FSP_FSCTL_TRANSACT_BUF SecurityDescriptor;
+        } QuerySecurity;
    } Rsp;
    FSP_FSCTL_DECLSPEC_ALIGN UINT8 Buffer[];
 } FSP_FSCTL_TRANSACT_RSP;
--- a/inc/winfsp/winfsp.h
+++ b/inc/winfsp/winfsp.h
@ -88,6 +88,14 @@ typedef struct _FSP_FILE_SYSTEM_INTERFACE
        FSP_FSCTL_TRANSACT_REQ *Request,
        PVOID FileNode,
        PWSTR FileName, PWSTR NewFileName, BOOLEAN ReplaceIfExists);
+    NTSTATUS (*GetSecurity)(FSP_FILE_SYSTEM *FileSystem,
+        FSP_FSCTL_TRANSACT_REQ *Request,
+        PVOID FileNode,
+        PSECURITY_DESCRIPTOR SecurityDescriptor, SIZE_T *PSecurityDescriptorSize);
+    NTSTATUS (*SetSecurity)(FSP_FILE_SYSTEM *FileSystem,
+        FSP_FSCTL_TRANSACT_REQ *Request,
+        PVOID FileNode,
+        PSECURITY_DESCRIPTOR SecurityDescriptor);
 } FSP_FILE_SYSTEM_INTERFACE;
 typedef struct _FSP_FILE_SYSTEM
 {
@ -186,6 +194,10 @@ FSP_API NTSTATUS FspFileSystemOpQueryVolumeInformation(FSP_FILE_SYSTEM *FileSyst
    FSP_FSCTL_TRANSACT_REQ *Request, FSP_FSCTL_TRANSACT_RSP *Response);
 FSP_API NTSTATUS FspFileSystemOpSetVolumeInformation(FSP_FILE_SYSTEM *FileSystem,
    FSP_FSCTL_TRANSACT_REQ *Request, FSP_FSCTL_TRANSACT_RSP *Response);
+FSP_API NTSTATUS FspFileSystemOpQuerySecurity(FSP_FILE_SYSTEM *FileSystem,
+    FSP_FSCTL_TRANSACT_REQ *Request, FSP_FSCTL_TRANSACT_RSP *Response);
+FSP_API NTSTATUS FspFileSystemOpSetSecurity(FSP_FILE_SYSTEM *FileSystem,
+    FSP_FSCTL_TRANSACT_REQ *Request, FSP_FSCTL_TRANSACT_RSP *Response);
 static inline
 NTSTATUS FspAccessCheck(FSP_FILE_SYSTEM *FileSystem,
    FSP_FSCTL_TRANSACT_REQ *Request,
--- a/src/dll/create.c
+++ b/src/dll/create.c
@ -19,7 +19,7 @@ FSP_API PGENERIC_MAPPING FspGetFileGenericMapping(VOID)
    return &FspFileGenericMapping;
 }

-static NTSTATUS FspGetSecurity(FSP_FILE_SYSTEM *FileSystem,
+static NTSTATUS FspGetSecurityByName(FSP_FILE_SYSTEM *FileSystem,
    PWSTR FileName, PUINT32 PFileAttributes,
    PSECURITY_DESCRIPTOR *PSecurityDescriptor, SIZE_T *PSecurityDescriptorSize)
 {
@ -93,7 +93,7 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
                break;
            }

-            Result = FspGetSecurity(FileSystem, Prefix, 0,
+            Result = FspGetSecurityByName(FileSystem, Prefix, 0,
                &SecurityDescriptor, &SecurityDescriptorSize);

            FspPathCombine(FileName, Remain);
@ -118,7 +118,7 @@ FSP_API NTSTATUS FspAccessCheckEx(FSP_FILE_SYSTEM *FileSystem,
        }
    }

-    Result = FspGetSecurity(FileSystem, FileName, &FileAttributes,
+    Result = FspGetSecurityByName(FileSystem, FileName, &FileAttributes,
        &SecurityDescriptor, &SecurityDescriptorSize);
    if (!NT_SUCCESS(Result))
        goto exit;
--- a/src/dll/dispatch.c
+++ b/src/dll/dispatch.c
@ -49,6 +49,8 @@ FSP_API NTSTATUS FspFileSystemCreate(PWSTR DevicePath,
    FileSystem->Operations[FspFsctlTransactQueryVolumeInformationKind] = FspFileSystemOpQueryVolumeInformation;
    FileSystem->Operations[FspFsctlTransactSetVolumeInformationKind] = FspFileSystemOpSetVolumeInformation;
    // !!!: ...
+    FileSystem->Operations[FspFsctlTransactQuerySecurityKind] = FspFileSystemOpQuerySecurity;
+    FileSystem->Operations[FspFsctlTransactSetSecurityKind] = FspFileSystemOpSetSecurity;
    FileSystem->Interface = Interface;

    *PFileSystem = FileSystem;
--- a/src/dll/security.c
+++ b/src/dll/security.c
@ -0,0 +1,31 @@
+/**
+ * @file dll/security.c
+ *
+ * @copyright 2015 Bill Zissimopoulos
+ */
+
+#include <dll/library.h>
+
+FSP_API NTSTATUS FspFileSystemOpQuerySecurity(FSP_FILE_SYSTEM *FileSystem,
+    FSP_FSCTL_TRANSACT_REQ *Request, FSP_FSCTL_TRANSACT_RSP *Response)
+{
+    NTSTATUS Result;
+
+    if (0 == FileSystem->Interface->GetSecurity)
+        return STATUS_INVALID_DEVICE_REQUEST;
+
+    (VOID)Result;
+    return STATUS_INVALID_DEVICE_REQUEST;
+}
+
+FSP_API NTSTATUS FspFileSystemOpSetSecurity(FSP_FILE_SYSTEM *FileSystem,
+    FSP_FSCTL_TRANSACT_REQ *Request, FSP_FSCTL_TRANSACT_RSP *Response)
+{
+    NTSTATUS Result;
+
+    if (0 == FileSystem->Interface->SetSecurity)
+        return STATUS_INVALID_DEVICE_REQUEST;
+
+    (VOID)Result;
+    return STATUS_INVALID_DEVICE_REQUEST;
+}